You’ve seen our articles on ransomware, IT security and reliability. So when we tell you that the bad guys are NEVER resting you can believe it. And although ransomware attacks can arrive from a number of vectors over 75% of these exploits arrive via phishing e-mails. Phishing emails are emails which arrive, sometimes from a trusted sender, which appear to be real emails and which try to get the recipient to either open an attachment or click on a link. Either action results in malware being deposited on the user’s machine.
By spoofing a sender’s address these phishing attempts can be quite successful…so successful that it can cost users their paychecks. This happened to several users with Wichita State University, in which a phishing email successfully convinced users to enter their payroll system credentials. Once this was done the perpetrators altered the deposit info and diverted the funds.
Don’t be “that guy” (or girl):
be skeptical of ANY email, especially if it asks you to enter credentials…at least ASK!
be skeptical of any email which implies time pressure to take an action
it is highly dangerous to use consistent credentials on multiple accounts, especially for important business services (such as banking, payroll, loans, etc.)
Don’t use the same credentials for personal services (Facebook, LinkedIn, etc.) as for business services
Have a list of serious business services which you utilize…in this way if you make a mistake, you can advise your supervisor or IT staff, and immediately begin to change credentials without having to hunt the accounts down
Think of yourself as a “human firewall”…trained users are a businesses best defense. That’s why Dolce Vita provides training free of charge to our clients!